-
Notifications
You must be signed in to change notification settings - Fork 0
Self Hosting
Here you will find instructions on how to host your own instance of ShiraKamiSRS.
ShiraKamiSRS is provided as a Docker image to run as a container. It requires access to a MariaDB instance. The instructions below will guide you through setting up both.
The only requirement is that you have a machine with Docker and Docker Compose installed. If you plan on exposing your instance publicly, it might be useful to have a custom domain configured with DNS records pointing to your machine.
In this setup guide we will set up both ShiraKamiSRS and MariaDB using Docker and Docker Compose. While it certainly is not a requirement to use Docker Compose, or to run MariaDB as a Docker container, this is the route that will be taken here. In case you are looking for a setup different from this, you probably know what to do already.
Create a docker-compose.yml file and set it up as follows:
version: '3'
services:
shirakamisrs:
container_name: shirakamisrs
image: ghcr.io/bemacized/shirakami-srs:latest
restart: unless-stopped
ports:
- <WEB_PORT>:3000
environment:
- MYSQL_HOST=mariadb
- MYSQL_PASSWORD=<YOUR_DB_PASSWORD>
- JWT_SECRET=<RANDOM_SECRET>
mariadb:
container_name: mariadb
image: mariadb
restart: unless-stopped
volumes:
- ./mariadb/data:/var/lib/mysql
environment:
- MYSQL_DATABASE=shirakami
- MYSQL_USER=shirakami
- MYSQL_PASSWORD=<YOUR_DB_PASSWORD>Make sure to:
- Replace the two
<YOUR_DB_PASSWORD>cases with a sufficiently safe password to protect your database - Replace
<RANDOM_SECRET>with your own random string. This is used for signing authentication tokens and should be unique to your instance. - Replace
<WEB_PORT>with the port you want to expose ShiraKamiSRS on. If you don't know, use80.
There are many more configuration options for ShiraKamiSRS. Find out on the Image Configuration page what they are and what they do.
You can now start ShiraKamiSRS by running the following command in the directory where you saved your docker-compose.yml:
docker-compose upor as follows if you want to run it in detached mode:
docker-compose up -dYou can now visit your ShiraKamiSRS instance at http://<your_machine_ip>:<web_port>.
In case you are planning on running your ShiraKamiSRS instance publicly, it might be a good idea to:
- Set up a custom domain (for ease of use)
- Enable HTTPS/SSL for security
Setting up HTTPS is especially important for public instances, as it makes sure your users credentials are not sent in plaintext.
As ShiraKamiSRS does not support HTTPS out of the box, you are expected to use a reverse proxy. Below will be described how to set this up using Caddy as your reverse proxy, which will automatically set up a SSL certificate for you using Lets Encrypt.
We will assume you have already pointed your custom domain at your machine. You can do this by adding a DNS "A" record pointing towards your public IP. This guide will not go over how to do this.
-
First, start off by removing the exposed port on your ShiraKamiSRS instance. You can do this by removing the following two lines from your
docker-compose.yml:ports: - <WEB_PORT>:3000
-
Add the following service at the bottom of your
docker-compose.yml:caddy: container_name: caddy image: caddy:2.3.0-alpine restart: unless-stopped ports: - 80:80 - 443:443 volumes: - ./caddy/data:/data - ./caddy/config:/config - ./caddy/Caddyfile:/etc/caddy/Caddyfile
-
Create a Caddyfile at
./caddy/Caddyfilerelative to yourdocker-compose.yml:yourcustomdomain.com { reverse_proxy shirakamisrs:3000 }Replace
yourcustomdomain.comwith the custom domain you pointed towards your machine. In case you changed the service name for your ShiraKamiSRS container in yourdocker-compose.yml, make sure to updateshirakamisrsin your Caddyfile to be identical to this one, as it functions as the hostname of your container. -
Run
docker-compose upordocker-compose up -dto update ShiraKamiSRS and launch Caddy.
ShiraKamiSRS should now be running on your custom domain. It might take a few minutes for Caddy to provision your Lets Encrypt certificate.
The best idea would be to look through the configurable options on the Image Configuration page, as there are a few optional features you might want to configure next.
A few examples could be:
- Enabling account verification (Which requires Configuring SMTP)
- Enabling password resets (Which also requires Configuring SMTP)